Nils Putnins
https://blog.nils.digital
Thoughts of a Science & Technology enthusiast
Mon, 23 Apr 2018 09:26:08 +0000

Gelvora data breach and your personal data
https://blog.nils.digital/gelvora-data-breach-and-your-personal-data/
Tue, 10 Apr 2018 12:37:02 +0000

Working as part of the Digital Security Alliance, we came across a vulnerability affecting infodebt.lv, a system owned by Gelvora SIA. This system potentially contains financial data on most of the citizens of Latvia. Based on the domain registration data in WHOIS records, the system has been active since 2013. The vulnerability allowed unauthorized access to the database, from which all of the database records could be retrieved.

From the information available on Gelvora.lv about infodebt.lv: “The advantages of the database: it is one of the largest debt history databases in Latvia;”. Based on this, it is reasonable to assume that the database holds records on no fewer than 1 million of Latvia’s inhabitants.

Timeline:

Our first step was contacting Gelvora SIA via the only publicly available e-mail address, inkasso@gelvora.lv, informing them about the security issue (February 20, 2018).
We received a response from Vygandas Jonušas, CISO for the Baltic region (Marginalen Group), on February 22, 2018.
After further communication with Vygandas, and clarifying that the issue concerned a system of Gelvora SIA (Latvia), we received a reply from Irina Namavīra, Chairperson of the Board at Gelvora SIA, on March 01, 2018.

On March 05, 2018, following the principles of responsible disclosure, the full details of the vulnerability were passed to CERT.LV. On March 07, 2018, CERT.LV informed us that Gelvora had mitigated the vulnerability.

Let’s look at this story from a different perspective. The US recently had the Equifax breach affecting about 143 million consumers (roughly 44% of the US population). That information became public very quickly, all affected consumers were informed, and lawsuits followed. In our case, with the financial information of potentially over half of Latvia’s inhabitants exposed, neither Gelvora SIA is interested in informing its clientele about the incident, nor is Latvia’s security authority, CERT.LV, interested in disclosing it.

Vagrant + VirtualBox + Laravel Homestead for every PHP developer
https://blog.nils.digital/vagrant-virtualbox-laravel-homestead-for-every-php-developer/
Mon, 12 Feb 2018 09:23:19 +0000

Over the years I have tested several different environments looking for the most efficient development process. I’m happy to announce that I’ve found the perfect one for me, so let me share it with you. First of all, let’s start with the setup process. It takes no more than 5 minutes to finish the configuration on any *nix-based machine.

What you need is to download Oracle VM VirtualBox and Vagrant. After you’ve finished installing both, open your terminal (Ctrl + Alt + T on Ubuntu and most Debian-based desktops; Cmd + Space and type Terminal on Mac OS X). Add the Homestead box with the command

vagrant box add laravel/homestead

It will ask which provider the Homestead box should be installed for. Choose VirtualBox, as that’s what you’ll be using. While the box is being downloaded and added, open a new tab in the terminal (Cmd + T on OS X, Ctrl + Shift + T on Debian-based desktops) and enter the command sequence:

Afterwards, when Homestead is initialized, there will be a new file in the ~/homestead directory called Homestead.yaml. This is the file you’ll mainly be working with. It’s pretty self-explanatory, and it should look something like this:

What we see there: all of the hosts are reached through the 192.168.10.10 IP address and the sources are located in the ~/Code/PHP/ directory (~ stands for home). The structure maps domain.tld to the ~/Code/PHP/domain.tld folder on your machine, which is shared into the virtual box as /home/vagrant/code/domain.tld. Of course, you can choose the folder structure as you wish. Also, as you can see, there are extra parameters such as php, which lets you specify the PHP version used for that domain.

To bind the domains to your actual machine, you need to edit your hosts file at /etc/hosts, so

sudo nano /etc/hosts

should show something similar to this, after entering your password:

Add a line 192.168.10.10 domain.tld (a tab or spaces between the address and the name both work) for each and every domain name you want to use, then save the file with Ctrl + X, enter Y and press Enter. Note that /etc/hosts does no wildcard matching, so every subdomain needs its own line.

At this point we’re almost done. If you haven’t done so before, open a terminal once again and generate an SSH key pair, which the authorize and keys settings in Homestead.yaml point at:

ssh-keygen -t rsa -b 4096 -C "youremail@domain.tld"

Now, go back to the ~/homestead directory and run the magic command that you should memorize:

vagrant up --provision

Note that you need the --provision switch only when you have changed Homestead.yaml. Otherwise plain vagrant up is enough.

After the machine has booted, use your favorite browser to navigate to any of the domains specified in Homestead.yaml and /etc/hosts. If everything works, congratulations. If you see “No input file specified”, check the paths in Homestead.yaml: that message comes from PHP-FPM when the document root handed to it by nginx does not exist.
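The whole procedure above as one idempotent script. This is an added example, not code from the original post or from the Homestead project. It keeps the post’s address (192.168.10.10) and its ~/Code/PHP/domain.tld layout; the clone path ~/homestead, the PHP 7.2 default, the domain.tld/public document root and the git clone / init.sh steps are assumptions about how Homestead is set up, not taken from this post.

```shell
#!/usr/bin/env sh
# Added example, not from the original post: the manual Homestead setup as one
# idempotent script. Values taken from the post: 192.168.10.10,
# ~/Code/PHP/<site> on the host, /home/vagrant/code/<site> in the guest.
# Assumed for illustration: the clone path ~/homestead, PHP 7.2 as default,
# <site>/public as document root (Laravel convention), git clone + init.sh.
set -u

# Write a minimal Homestead.yaml to $1 for site $2 whose code lives in host
# directory $3, using PHP version $4 (keys: ip, folders, sites, authorize, keys).
write_homestead_yaml() {
    yaml="$1"; site="$2"; hostdir="$3"; php="${4:-7.2}"
    cat > "$yaml" <<EOF
ip: "192.168.10.10"
memory: 2048
cpus: 1
provider: virtualbox

authorize: ~/.ssh/id_rsa.pub

keys:
    - ~/.ssh/id_rsa

folders:
    - map: $hostdir
      to: /home/vagrant/code/$site

sites:
    - map: $site
      to: /home/vagrant/code/$site/public
      php: "$php"
EOF
}

# Append "<ip>\t<site>" to hosts file $1 unless an entry for exactly that
# hostname already exists: re-running must not duplicate lines, and an entry
# for "api.domain.tld" must not be mistaken for one for "domain.tld".
add_hosts_entry() {
    hosts="$1"; site="$2"; ip="${3:-192.168.10.10}"
    ip_re=$(printf '%s' "$ip" | sed 's/\./\\./g')
    site_re=$(printf '%s' "$site" | sed 's/\./\\./g')
    if grep -Eq "^[[:space:]]*$ip_re[[:space:]]+$site_re([[:space:]]|\$)" "$hosts"; then
        return 0
    fi
    printf '%s\t%s\n' "$ip" "$site" >> "$hosts"
}

main() {
    site="${1:-domain.tld}"
    command -v vagrant >/dev/null || { echo "vagrant is not installed" >&2; exit 1; }
    command -v VBoxManage >/dev/null || { echo "VirtualBox is not installed" >&2; exit 1; }
    vagrant box list | grep -q '^laravel/homestead' || vagrant box add --provider virtualbox laravel/homestead
    hs="$HOME/homestead"                                   # assumed clone path
    [ -d "$hs" ] || git clone https://github.com/laravel/homestead.git "$hs"
    cd "$hs"
    [ -f Homestead.yaml ] || bash init.sh                  # creates template config
    write_homestead_yaml Homestead.yaml "$site" "$HOME/Code/PHP/$site" 7.2
    mkdir -p "$HOME/Code/PHP/$site/public"
    # Generate the key Homestead authorizes; the passphrase prompt is kept on purpose.
    [ -f "$HOME/.ssh/id_rsa" ] || ssh-keygen -t rsa -b 4096 -C "you@$site"
    # /etc/hosts needs root: edit a copy, then install it with sudo.
    tmp=$(mktemp); cat /etc/hosts > "$tmp"
    add_hosts_entry "$tmp" "$site"
    sudo cp "$tmp" /etc/hosts; rm -f "$tmp"
    vagrant up --provision
}

# Run only when asked, so the functions can be sourced or tested on their own.
if [ "${1:-}" = "run" ]; then
    main "${2:-domain.tld}"
fi
```

Run it as sh homestead-setup.sh run domain.tld. The hosts-file function is the part worth keeping even if you set up by hand: it matches the hostname exactly, so re-running never duplicates lines and an existing api.domain.tld entry does not hide a missing domain.tld one.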

If you have any further questions or problems, feel free to ask them in the comments.

What’s your perfect computer and software setup?
https://blog.nils.digital/whats-your-perfect-computer-and-software-setup/
Sat, 27 Jan 2018 18:19:28 +0000

Whether you work in the IT industry or are a regular computer user, switching to new hardware is always a hard decision. The only difference for those working in IT on a daily basis is the software. For most regular users Windows will be the one and only reasonable choice. Around ten years ago it was the only reasonable choice for me too. As you get deeper into the industry, the requirements grow and you come to see the individual value of each operating system.

I’ve gone through many different operating systems and here I’ll provide you with some Pros and Cons, together with the solution I’m using currently.

Lets start with basics:

If you’re working on anything creative (design, video editing, producing or mixing music, etc.), choosing OS X (Macintosh) will always pay off. It’s not only about the software, as Adobe’s (and Ableton’s) products also run on Windows. It’s mostly that, as a creative person, you benefit from Apple having put far more thought into UI/UX than Windows. OS X also has Final Cut Pro which, Adobe Premiere aside, is a great video editing tool for OS X.

If you’re doing office work or mostly using the computer for general purposes, Windows would be the choice, BUT if you’re:
a) very interested in your own or your clients’ privacy, especially if you’re a lawyer, an entrepreneur or working for the NSA (see LUKS full-disk encryption; a BIOS password also comes in handy, though neither protects data on a machine that is powered on and unlocked), or
b) on a strict budget, considering that a Windows licence costs money (note that even when buying a computer with Windows on it, you are paying for the licence, money you could invest in hardware if the computer came with open-source software instead),
I suggest you go for Linux (either the Elementary or Ubuntu distribution).

If you’re a gamer, well, Windows, obviously. (Even though Steam is now available on Linux, it still has a long way to go to match the gaming experience Windows gives.)

If you’re doing everything mentioned above and work in software development / system administration / cyber security, you’ve come to the right chapter: my setup.

Starting from the premise that I’ll always choose *nix-based systems over anything else, I’ve worked with Macintosh and was pretty satisfied. The thing is, Homebrew just wasn’t enough for me, and I dislike the restrictions Apple imposes in both hardware and software.

On the search, I started with Kali Linux, which is mainly aimed at penetration testing. It was fine, but the installed packages were just too many, knowing that most of them are outdated or not working. I continued by switching back to Ubuntu, which of course will always be a good choice of Linux distribution, but that didn’t satisfy my needs either. I decided to try something completely different, going from Debian to Arch Linux by trying Antergos. Also a great choice and a distribution that definitely has potential, but still something was missing for me. Then, doing a task for a client of mine, I found ParrotSec. This leads us to my current setup:

I realised that one operating system just can’t do all of the required tasks efficiently, so I chose to dual-boot. My current setup is ParrotSec (development, system administration, penetration testing) and Windows (creative work, gaming, general purposes). The installation is done easily, as explained here. And if you’re worried that switching between operating systems will lose your open applications, browser tabs and other state, I’m glad to say hibernation takes care of that.

By the way, if you have an old computer with 2 GB of RAM or less and few other hardware resources, you can always use Linux Lite to revive it.

“Freelancer Office” by gitbench privilege escalation vulnerability
https://blog.nils.digital/freelancer-office-by-gitbench-privilege-escalation-vulnerability/
Tue, 16 Jan 2018 15:58:31 +0000

Working together with the Digital Security Alliance on a penetration test of a client’s infrastructure, we found a privilege escalation vulnerability in “Freelancer Office” by gitbench: anyone can re-run the web installer and create an administrator account. It affects all versions above 1.7 (including the current release) and takes less than 2 minutes to exploit, with a browser as the only required tool.

A simple Google dork on the script’s copyright notice found hundreds of vulnerable targets within seconds. All of the targets we checked confirmed that the issue is not a false positive. We informed both the author, gitbench (via wm@gitbench.com, William Mandai), and the distributor, Envato’s CodeCanyon (via their support channel), without any success since 8 January. So, in the interest of existing users’ data and of those considering Freelancer Office, we are publishing the information, having respected responsible disclosure from our side far longer than we should have.

The vulnerability is in “application/controllers/Installer.php”: the existing code never checks whether the system has already been installed.

To exploit it, simply append “/installer/?step=4” to the base path of a Freelancer Office installation (for example https://gitbench.com/demo/installer/?step=4). From there you can create a new administrative account that has full access and privileges to everything within the system.

The fix is to make the installer stop once the application has been installed: add an exit(); call at line 46 of “application/controllers/Installer.php”, in the branch taken when the application has already been successfully installed, so that none of the later steps are reachable. Removing or blocking access to the installer entirely after setup is the more robust measure, since a single exit() protects only the code path it sits on. The code block should look like this:

I would also seriously consider whether to continue using Freelancer Office (and other tools by gitbench) in future. It’s not about the security issue itself, anyone can make a security mistake, but it’s a whole different story when reports concerning thousands of clients’ (Freelancer Office users’) confidential information are ignored while financial data (invoices), their customers, projects and even server access credentials are available to anyone within 2 minutes.
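A check you can run against your own installation after applying the fix, to confirm that step 4 of the installer is no longer reachable. This is an added example, not code from the original post or from Freelancer Office. The classification rule (an HTTP 200 whose body contains a form with a password field means the installer is exposed) is an assumption about what the step-4 page looks like, since the form field names are not given here. Run it only against systems you are authorised to test.

```shell
#!/usr/bin/env sh
# Added example, not part of the original post or of Freelancer Office:
# verifies that <base>/installer/?step=4 no longer serves the admin-creation
# form. Assumption: the live installer page renders an HTML form with a
# password input; a fixed install answers with a redirect, a 404 or a page
# without such a form.
set -u

# Classify one HTTP response. Arguments: status code, response body.
# Prints "exposed" when the installer form is reachable, "blocked" otherwise.
classify_installer_response() {
    status="$1"; body="$2"
    case "$status" in
        200) ;;
        *) echo blocked; return 0 ;;
    esac
    # Heuristic (assumed): a form containing a password field means the
    # installer still lets a visitor create an account.
    if printf '%s' "$body" | grep -qi '<form' \
       && printf '%s' "$body" | grep -qi 'type=.\{0,1\}password'; then
        echo exposed
    else
        echo blocked
    fi
}

# Fetch <base>/installer/?step=4 without following redirects: a 302 to the
# login page is what a fixed install returns and must be seen as "blocked",
# not followed to a page that happens to contain a password field.
probe_installer() {
    base="${1%/}"
    tmp=$(mktemp)
    status=$(curl -sS -o "$tmp" -w '%{http_code}' --max-time 15 "$base/installer/?step=4") \
        || { rm -f "$tmp"; echo error; return 1; }
    body=$(cat "$tmp"); rm -f "$tmp"
    classify_installer_response "$status" "$body"
}

# Usage: sh check_installer.sh https://host/freelancer-office
if [ "${1:-}" != "" ]; then
    result=$(probe_installer "$1")
    echo "$1: installer step 4 is $result"
    [ "$result" = "blocked" ]
fi
```

The exit status is zero only when the installer is blocked, so the script can sit in a deployment pipeline or a monitoring job and fail loudly if an update ever ships the installer unprotected again.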

Information in this article can be only republished by having clear source back to here.

“Hacking” into MacBook Pro to Recover files
https://blog.nils.digital/hacking-into-macbook-pro-to-recover-files/
Tue, 12 Dec 2017 20:19:34 +0000

I quite often receive requests from private clients to fix or reinstall computers, which I decline almost every time. This case was different, as the task was actually interesting. The client’s problem was a blue screen right after the Mac booted:

That means none of the files on the computer can be accessed without removing the hard drive (and thus voiding the warranty). I had done several tests before on Windows, accessing the filesystem without any kind of authentication; I had never tried that on OS X… yet.

The live Linux image has to be written to a USB flash drive with EFI boot support. When done, insert the drive into the MacBook and turn it on while holding the Option key. This is what you should see if it works:

So, choose the EFI Boot and you’ll be in a wonderland looking like this:

Choose Failsafe (strong errors prevention) option from the menu and wait a moment till the system boots.

If you get into a graphical view of the MacBook, well congratulations – you’re luckier than me. For me, the joyride ended at this point:

At this point you need the key combination Fn + Ctrl + Option + F2 to switch to a text console and get a terminal.

Next commands would be as follows:

sudo su root

fdisk -l

Getting the output of something like this:

So you can see the available partitions on the computer. The interesting one is /dev/sda2, listed with the type Apple Core Storage.

So again, lets do commands as follows:

fsck.hfsplus -f /dev/sda2

mount -t hfsplus -o force,rw /dev/sda2 /mnt

And for my particular case, that was pretty much it.

Two caveats before copying the same commands. fsck.hfsplus -f and the force,rw mount both write to the disk; if the data matters, mount read-only (-o ro) first and fall back to a forced read-write mount only if that fails. And the whole approach works only because the volume was not encrypted: with FileVault enabled, /dev/sda2 holds ciphertext and nothing mounts, which is exactly why full-disk encryption is the answer to “anyone with a USB stick can read my files”.

You can see all of the folders and the base of OS X at the bottom. To move the files off the computer, connect an external HDD, mount it much the same way you just mounted this one, and cp -r all of the files (for me it took around 40 minutes to finish).
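The recovery steps above as a script, as an added example that is not part of the original post. It differs from the post in one deliberate way: the Mac volume is mounted read-only, so neither fsck nor a read-write mount touches the source disk before the data is out. The util-linux partition type names, the hfsplus mount options, the /mnt/mac and /mnt/ext mount points, the Users directory layout and the use of rsync are assumptions of this example about a Linux live system, not details from the post.

```shell
#!/usr/bin/env sh
# Added example, not from the original post: partition lookup, read-only mount
# and copy for a Mac that no longer boots. Assumes a Linux live system with
# util-linux fdisk, the hfsplus kernel module and rsync; the mount points and
# the Users directory layout are assumptions.
set -u

# Select the Mac data partition from `fdisk -l` output on stdin. util-linux
# prints GPT partition type names: the data volume appears as
# "Apple Core storage" (CoreStorage without FileVault) or "Apple HFS/HFS+".
# With FileVault enabled the partition is ciphertext and cannot be mounted.
find_mac_data_partition() {
    awk '/^\/dev\// && (/Apple Core storage/ || /Apple HFS\/HFS\+/) { print $1; exit }'
}

# Mount $1 read-only at $2. The post's "force,rw" is what you need to write to
# a journaled HFS+ volume; for recovery, read-only is enough and safer.
mount_hfsplus_ro() {
    mkdir -p "$2"
    mount -t hfsplus -o ro "$1" "$2"
}

# Copy user data from the mounted Mac volume $1 to the external drive $2.
# rsync preserves ownership and modes, resumes if re-run, and keeps going
# past files it cannot read, which cp -r does not.
copy_users() {
    rsync -a --info=progress2 "$1/Users/" "$2/Users/"
}

# Usage: sh mac-recover.sh run /dev/sdXN   (partition of the external drive)
if [ "${1:-}" = "run" ]; then
    ext="${2:?usage: $0 run /dev/sdXN}"
    dev=$(fdisk -l 2>/dev/null | find_mac_data_partition)
    [ -n "$dev" ] || { echo "no Apple data partition found" >&2; exit 1; }
    mount_hfsplus_ro "$dev" /mnt/mac
    mkdir -p /mnt/ext && mount "$ext" /mnt/ext
    copy_users /mnt/mac /mnt/ext
    sync
fi
```

If the read-only mount fails because the journal is dirty, that is the point to decide whether you are recovering data (then image the partition with dd first and work on the image) or repairing a disk you are prepared to modify (then the post’s fsck and forced read-write mount apply).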

Things you should stop doing, being an IT professional
https://blog.nils.digital/things-you-should-stop-doing-being-an-it-professional/
Tue, 12 Dec 2017 19:14:33 +0000

Talking the alien language that only geeks understand.

Many of the greatest ideas are born when people from different fields come together and decide to discuss their ideas at a basic level. If one can’t put his idea in a level that five year old understands, he doesn’t understand it well enough.

Thinking the user will (spend time to) know the product.

One of the highest qualities is predicting everything that could go wrong and making sure it doesn’t. If you’ve created a network for selfies but get cats in pajamas, well, apparently the impression you’ve made is completely off.

What have you done, Jeffrey.

People are so busy nowadays, with all the information flowing and things changing every second, that if the platform isn’t performing the way users instinctively expect, consider it extinct.

Worrying about perfection.

Don’t worry, you’ll never achieve it. Take the half made idea, put it together and deliver the minimum. You’ll have bigger enthusiasm to develop it further, ability to receive feedback and see what’s to be done next.

“To be worthy does not mean to be perfect.” – Gerrit W. Gong

Staying focused only in this field.

You’ll see a bunch of new possibilities by taking even the smallest step out of your comfort zone. There are many successful businesses that use time consuming methods only because they’re professionals in their area, but not as tech-savvy. Make their life easier.